In this episode, we sit down with Paul Davis, Field CISO at JFrog, as he explores JFrog’s approach to building trust in software development pipelines and the evolution towards DevGovOps. Paul shares his perspective on elevating trust from the granular level of software releases to the broader application layer, emphasising the need for consistent, automated, and reliable methodologies in development. He discusses the critical role of automation in balancing speed and security, tackling tool sprawl, and mitigating risks posed by open source dependencies. The conversation touches on the realities of legacy tech debt, the challenges of integrating and consolidating security tooling, and the importance of having a single source of truth.
Paul is an experienced IT Security Executive who, as Field CISO at JFrog, works to help CISOs, IT execs and security teams, enhance protection of their software supply chain. Additionally, he advises IT security startups, mentors security leaders, and provides guidance on various IT security trends.
Popular Podcasts
Stuff You Should Know
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.
Dateline NBC
Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations. Follow now to get the latest episodes of Dateline NBC completely free, or subscribe to Dateline Premium for ad-free listening and exclusive bonus content: DatelinePremium.com
The Bobby Bones Show
Listen to 'The Bobby Bones Show' by downloading the daily full replay.